//package com.xt.mes.config.filter;
//
//import com.xt.mes.config.redis.RedisCache;
//import com.xt.mes.util.security.JwtUtil;
//import io.jsonwebtoken.Claims;
//import jakarta.annotation.Resource;
//import jakarta.servlet.FilterChain;
//import jakarta.servlet.ServletException;
//import jakarta.servlet.http.HttpServletRequest;
//import jakarta.servlet.http.HttpServletResponse;
//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
//import org.springframework.security.core.context.SecurityContextHolder;
//import org.springframework.stereotype.Component;
//import org.springframework.util.StringUtils;
//import org.springframework.web.filter.OncePerRequestFilter;
//
//import java.io.IOException;
//import java.util.Objects;
//
///**
// * token认证过滤器
// * 作用：解析请求头中的token。并验证合法性
// * 继承 OncePerRequestFilter 保证请求经过过滤器一次
// */
//@Component
//public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
//
//    @Resource
//    private RedisCache redisCache;
//
//    @Override
//    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
//        String token = request.getHeader("token");
//        // 没有token
//        if (!StringUtils.hasText(token)) {
//            filterChain.doFilter(request, response);//放行,因为后面的会抛出相应的异常
//            return;
//        }
//
//        // 非法token
//        String userId;
//        try {
//            Claims claims = JwtUtil.parseJWT(token);
//            userId = claims.getSubject();
//        } catch (Exception e) {
//            e.printStackTrace();
//            throw new RuntimeException("非法token!");
//        }
//
//
//        String redisKey = "login:" + userId;
//        LoginUser loginUser = redisCache.getCacheObject(redisKey);// 从redis中获取用户信息
//
//        // redis中用户不存在
//        if (Objects.isNull(loginUser)) {
//            throw new RuntimeException("redis中用户不存在!");
//        }
//
//        // 将Authentication对象（用户信息、已认证状态、权限信息）存入 SecurityContextHolder
//        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
//        SecurityContextHolder.getContext().setAuthentication(authenticationToken);
//        //放行
//        filterChain.doFilter(request, response);
//    }
//}
